package com.yang.yangmusic.config;

import com.yang.yangmusic.exception.RestAuthenticationEntryPoint;
import com.yang.yangmusic.filter.JwtAuthenticationFilter;
import com.yang.yangmusic.filter.JwtAuthorizationFilter;
import com.yang.yangmusic.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;

/**
 * @Auther:zhaoyangyang
 * @Date:2022/1/9-01-09-8:29
 * @Description:com.yang.yangmusic.config
 * @version:1.0
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

 public static final String SECRET = "YuanLiMusic";
 public static final long EXPIRATION_TIME = 864000000; // 10 days
 public static final String TOKEN_PREFIX = "Bearer ";
 public static final String HEADER_STRING = "Authorization";
 public static final String SIGN_UP_URL = "/users/";
 UserService userService;
 RestAuthenticationEntryPoint restAuthenticationEntryPoint;

 @Override
 protected void configure(HttpSecurity http) throws Exception {
   http.cors().and().csrf().disable()
           .authorizeRequests()
           .antMatchers(HttpMethod.POST,SIGN_UP_URL).permitAll()
           .anyRequest().authenticated()
           .and()
           .addFilter(new JwtAuthenticationFilter(authenticationManager()))
           .addFilter(new JwtAuthorizationFilter(authenticationManager()))
           .exceptionHandling()
           .authenticationEntryPoint(restAuthenticationEntryPoint)
           .and()
           .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
 }

 @Override
 protected void configure(AuthenticationManagerBuilder auth) throws Exception {
 auth.userDetailsService(userService);
 }
 @Autowired
  public void setUserService(UserService userService){
   this.userService=userService;
 }
 @Autowired
 public void setRestAuthenticationEntryPoint(RestAuthenticationEntryPoint restAuthenticationEntryPoint) {
  this.restAuthenticationEntryPoint = restAuthenticationEntryPoint;
 }
}
